Frequently Asked Questions

How do you configure ZAP logging?

ZAP logs to a file called “zap.log” in the ZAP ‘home’ directory.

The logging is configured by the file in the same directory.

By default the ‘main’ logging levels are set to “INFO” by these 2 lines:

Changing these to “DEBUG” (and restarting ZAP) will significantly increase the amount of logging performed:

Logging can be selectively enabled using a Stand Alone script while ZAP is running (the example below is a JavaScript script):

// The following will enable DEBUG logging for the API
// The following will enable DEBUG logging for the SessionFixation scanner